

Bootable Spyware Scan!


8 replies to this topic

#1 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 04 February 2007 - 04:44 AM

For whatever reason I decided to browse the PC Tools forum (mainly to see what people were saying about the firewall).
But then I saw something interesting. They have a product called Alternate Operating System Scanner. It's a bootable .iso spyware scan!
If any of you have ever cleaned up a PC so infected it won't boot, you know how useful this could be. (Also, some infections cannot be removed without a reboot or with Windows running. This could bypass that.)

Forum:
http://www.pctools.c...isplay.php?f=19

Main site:
http://www.pctools.com/aoss/details/

I haven't tried it yet, and it says on this page that it only removes the main part of an infection (or enough to get the PC to boot basically, but this could be invaluable for those computers that you can't boot and the person lost their Windows CD).
http://www.pctools.com/aoss/

I'll give this a shot soon and report back. It's too late right now for me to be clear-headed while I do anything. :P

#2 OFFLINE   fireryone

    Lets Get Dangerous

  • Members
  • 1,626 posts
  • Gender:Male
  • Location:QLD,Australia
  • Interests:PC, LOTRO

Posted 04 February 2007 - 11:31 AM

Looks handy alright, now I just need an infected machine to test on, :-) lol
fireryone



There are 10 types of people in this world.
Those who understand binary, and those who don't.

#3 OFFLINE   XanaTos112

    Advanced Member

  • Members
  • 211 posts
  • Location:Dublin

Posted 04 February 2007 - 12:30 PM

Sounds very interesting, I may get the chance to use it knowing how bad my mates are @ keeping their PCs safe
Who watches The Watchmen?

#4 OFFLINE   Andavari

    Captain Spectacular

  • Moderators
  • 13,327 posts
  • Gender:Male
  • Location:Shadow Moses

Posted 04 February 2007 - 12:41 PM

Sounds like a Bart PE for a bootable CD-R/CD-RW, etc.

Perhaps nowhere near as effective; you can also write a key in the registry under the RunOnce section that can have an application halt the loading of the desktop and some (not all) running processes (have to use msconfig to halt those that want to autostart) in order to get an application to run without much interference. It's a little something I used to use in my Win98 days to get ScanDisk and Defrag to work without complaining about needing to be restarted due to disk activity.
Complexity of incoherent design.

#5 OFFLINE   DennisD

    Just another volunteer

  • Moderators
  • 7,930 posts
  • Gender:Male
  • Location:England: NE Coast

Posted 04 February 2007 - 02:59 PM

Thanks for the link rridgely. This is one of those things you hope lies in the drawer gathering dust.

Regards

#6 OFFLINE   Andavari

    Captain Spectacular

  • Moderators
  • 13,327 posts
  • Gender:Male
  • Location:Shadow Moses

Posted 04 February 2007 - 09:48 PM

I tried it out and it's not that bad, albeit it did produce two false positives.

The only problem I foresee is the inability to update the definition file since to do so requires that their anti-spyware program be installed to get the def file from as per the instructions.
Complexity of incoherent design.

#7 OFFLINE   slowday444

    Power Member

  • Members
  • 807 posts

Posted 04 February 2007 - 10:31 PM

Andavari, on Feb 4 2007, 04:48 PM, said:

I tried it out and it's not that bad, albeit it did produce two false positives.

The only problem I foresee is the inability to update the definition file since to do so requires that their anti-spyware program be installed to get the def file from as per the instructions.

Since I have open and monitoring Spy Sweeper, AVG Anti-Spyware, Windows Defender, NOD32, Comodo and surf safely, I really don't see the need. I always have a valid subscription of S.D. from our work license. I update it once or twice/week but don't run it because of all the other apps and because of its retarded update method of stopping and restarting, even with scheduled updates, that annoys the heck out of me at work. However, if I was going to do this, I would use CD-RWs and just keep changing it once or twice/week. I think that would work!

#8 OFFLINE   rridgely

    I hate computers

  • Moderators
  • 8,858 posts
  • Gender:Male

Posted 04 February 2007 - 10:33 PM

The program isn't meant to be used regularly or anything. It's meant to be used on computers that you can't even boot because they are so loaded down with crap. I still haven't gotten to try it yet (too busy burning other stuff right now. :( )

#9 OFFLINE   Andavari

    Captain Spectacular

  • Moderators
  • 13,327 posts
  • Gender:Male
  • Location:Shadow Moses

Posted 04 February 2007 - 11:30 PM

rridgely, on Feb 4 2007, 04:33 PM, said:

I still haven't gotten to try it yet (too busy burning other stuff right now. :( )

You ain't missin' a damn thing bro, it's stupid easy to use! Although it would be mighty handy on a super infected system even if Windows was bootable in normal mode.

It's a simple five-step process of scanning, then you walk away for nearly an hour depending upon how many files you have. It however takes forever when scanning archive files like .zip, .jar, etc.

Edit:
It sort of reminds me of what I did back in the Win98 days with F-PROT Antivirus for DOS, using a bootdisk and a CD-RW to clean infected systems.
Complexity of incoherent design.